TCPDUMP OUTPUT

Question

I have a strange situation, when I run a tcpdump without the -n switch I do not get any output on the interface, but as soon as I add -n I start seeing the packets. Has anyone else encountered the same and know the reason please.&nbsp;
tcpdump -i 0.0 host x.y.z.t ---&gt; No Output&nbsp;
tcpdump -n -i 0.0 host x.y.z.t ---&gt; Output&nbsp;

mike_61663 · Answer

-n means don't resolve the IP addresses to hostnames.  &nbsp;
Do you have DNS set up and is it working?  I would recommend always disabling tcpdump name resolution when doing realtime packet captures.  i.e. Always use -n for realtime captures!&nbsp;

maneesh_72711 · Answer

Thanks Mike...it has a DNS configured but cannot reach the DNS server at port 53. Would check where it is blocked.&nbsp;

boneyard · Answer

totally agree with Mike, always -n or even -nn, next to the delay it also causes extra network traffic that can cause surprises in your capture :)&nbsp;

Forum Discussion

TCPDUMP OUTPUT

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

AI Security : Prompt Injection and Insecure Output Handling.

8. SYN Cookie: Troubleshooting tcpdump

Parsing tmsh command output with Python TextFSM module and some Lessons learned

Decrypting TLS with the tcpdump sslprovider

Packet Analysis with Scapy and tcpdump: Checking Compatibility with F5 SSL Orchestrator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS